Core Concepts

1. TEE (Trusted Execution Environment)

A Trusted Execution Environment is a secure area of a processor that guarantees code and data are protected with respect to confidentiality and integrity. The library automatically detects TEE environments through attestation.

2. Attestation Flow

┌─────────┐     ┌──────────────┐     ┌──────────────┐     ┌─────────┐
│ Client  │───▶│ TEE Attestor │───—▶│ Verification │───▶│ Backend │
│ Library │     │ (Unix Socket)│     │   Service    │     │   API   │
└─────────┘     └──────────────┘     └──────────────┘     └─────────┘
                      Token                Cipher            Decision

Client requests attestation token from local TEE service
TEE Attestor provides cryptographically signed token
Verification Service validates token
Backend API verifies cipher and grants access to real data

3. Data Access Modes

Mode

Environment

Data Returned

Use Case

Local

Non-TEE

Sample data

Development, testing, debugging

TEE

Secure TEE

Real data

Production analysis on sensitive data

4. Zero-Trust Client

The client library does NOT decide whether it's running in a secure environment. It only:

Fetches attestation credentials
Backend makes all authorization decisions

This prevents malicious clients from bypassing security controls.

PreviousKey Features NextUsage

Last updated 1 month ago

Good evening

hashtag1. TEE (Trusted Execution Environment)

hashtag2. Attestation Flow

hashtag3. Data Access Modes

hashtag4. Zero-Trust Client

1. TEE (Trusted Execution Environment)

2. Attestation Flow

3. Data Access Modes

4. Zero-Trust Client